Mahara 1.9 prior to 1.9.8 and 1.10 prior to 1.10.6 and 15.04 prior to 15.04.3 are vulnerable to perform a cross-site request forgery (CSRF) attack on the uploader contained in Mahara's filebrowser widget. This could allow an malicious user to trick a Mahara user into unknowingly uploading malicious files into their Mahara account.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mahara mahara 1.9.4 |
||
mahara mahara 1.9.5 |
||
mahara mahara 1.9.7 |
||
mahara mahara 1.9.2 |
||
mahara mahara 1.9.3 |
||
mahara mahara 1.9.0 |
||
mahara mahara 1.9 |
||
mahara mahara 1.9.6 |
||
mahara mahara 1.9.1 |
||
mahara mahara 1.10.5 |
||
mahara mahara 1.10 |
||
mahara mahara 1.10.0 |
||
mahara mahara 1.10.1 |
||
mahara mahara 1.10.3 |
||
mahara mahara 1.10.2 |
||
mahara mahara 1.10.4 |
||
mahara mahara 15.04.1 |
||
mahara mahara 15.04 |
||
mahara mahara 15.04.0 |
||
mahara mahara 15.04.2 |